Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/5aik20ygrF4My0NrYMRZesBcJDo.roa
File: 5aik20ygrF4My0NrYMRZesBcJDo.roa (raw, json)
Hash identifier: KUjDKKALEVGAMiNONacZXK1OzvA8rcboiB8Zra9ilfs=
Subject key identifier: E5:A8:A4:DB:4C:A0:AC:5E:0C:CB:43:6B:60:C4:59:7A:C0:5C:24:3A
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019D97780F948005BCE288B50E00FE3247D6
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/5aik20ygrF4My0NrYMRZesBcJDo.roa
Signing time: Thu 16 Apr 2026 18:05:21 +0000
ROA not before: Thu 16 Apr 2026 18:05:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198250
IP address blocks: 194.231.128.0/24 maxlen: 24
194.231.131.0/24 maxlen: 24
194.231.148.0/24 maxlen: 24
194.231.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:78:0f:94:80:05:bc:e2:88:b5:0e:00:fe:32:47:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Apr 16 18:05:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e5a8a4db4ca0ac5e0ccb436b60c4597ac05c243a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ac:39:49:a0:07:e2:dc:e4:f9:69:ef:de:5a:
1b:29:2f:ff:93:7e:3a:dc:36:be:43:7c:95:c7:b3:
19:1a:fb:92:1c:54:aa:6e:e2:b9:69:96:c7:9d:48:
55:11:61:58:2a:24:2e:a9:11:b1:98:00:ba:50:c9:
dd:29:37:60:51:09:0b:13:94:37:78:64:83:e8:58:
d8:7e:3a:92:f6:17:a0:7c:7e:64:6d:ae:05:b2:c8:
d2:39:a4:62:66:18:54:c1:2b:e6:ba:06:d7:da:22:
00:63:05:14:d0:bc:4e:8a:ed:1a:dd:0b:79:01:39:
c4:ba:2f:ed:d1:47:ea:58:02:8c:6f:03:8a:1b:3a:
55:8e:db:44:34:30:07:8d:0e:55:76:a8:f5:e6:2d:
12:4e:c4:e4:ba:67:d4:f1:ba:f4:c2:a6:d5:37:ec:
6b:23:82:61:87:e6:9b:f6:d3:09:70:1c:e0:28:48:
32:12:d3:5e:0c:43:39:4c:de:3d:34:98:9b:2a:32:
9c:8d:96:f6:2a:58:54:d5:52:e0:20:02:fe:38:13:
0c:fd:99:39:8c:70:b0:e4:72:0c:01:07:99:a6:cc:
66:a3:34:fe:5a:ac:07:b4:f0:3b:ae:6f:b0:5b:f9:
0a:52:da:51:8a:d2:48:67:a0:89:68:39:84:24:95:
d2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A8:A4:DB:4C:A0:AC:5E:0C:CB:43:6B:60:C4:59:7A:C0:5C:24:3A
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/5aik20ygrF4My0NrYMRZesBcJDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.231.128.0/24
194.231.131.0/24
194.231.148.0/24
194.231.200.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:a3:c8:da:e5:a5:cb:27:2e:05:5b:39:c1:fd:cc:98:f7:2b:
af:64:21:fd:f0:01:50:de:72:b9:e2:71:59:fe:a6:cf:fc:32:
03:b1:58:4c:b9:0a:d0:c6:9d:e5:81:94:87:8e:10:46:0b:22:
b5:e6:71:d4:27:f3:b2:e1:f1:89:7a:b4:4a:f3:19:73:1a:11:
75:9c:96:42:ba:4d:16:17:05:ea:d4:ce:9c:c1:3a:d6:46:a2:
0b:d1:24:55:4d:67:ee:32:65:f6:71:b2:ba:82:ba:3e:ee:04:
7b:8b:00:1b:86:ea:ad:7c:0e:bb:de:8f:39:9e:c1:64:f8:a0:
cf:5c:21:64:f5:66:06:40:5d:7b:00:ac:0b:ab:5a:71:c0:96:
b8:63:28:a7:6d:26:90:d1:f6:2b:a8:1c:3d:d3:7f:50:23:1a:
0a:e3:86:41:fd:59:e4:bd:58:e1:1b:bd:44:8f:90:d8:74:93:
5f:f6:ee:f6:d2:dc:46:1f:25:0c:cd:fc:88:cf:df:1a:6e:c8:
a5:82:94:7d:d9:85:7d:f8:65:ee:f2:3f:fe:1a:86:c8:59:cd:
80:42:54:ed:59:5f:4b:92:96:83:90:ab:ce:51:ea:5a:ff:0d:
0e:b9:e1:84:87:59:65:65:bb:e6:ba:cd:13:80:34:c7:c0:a1:
02:8e:ad:b1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2XeA+UgAW84oi1DgD+MkfWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjYwNDE2MTgwNTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWE4YTRkYjRjYTBhYzVlMGNjYjQzNmI2MGM0NTk3YWMwNWMyNDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqw5SaAH4tzk+Wnv3lobKS//k346
3Da+Q3yVx7MZGvuSHFSqbuK5aZbHnUhVEWFYKiQuqRGxmAC6UMndKTdgUQkLE5Q3
eGSD6FjYfjqS9hegfH5kba4FssjSOaRiZhhUwSvmugbX2iIAYwUU0LxOiu0a3Qt5
ATnEui/t0UfqWAKMbwOKGzpVjttENDAHjQ5Vdqj15i0STsTkumfU8br0wqbVN+xr
I4Jhh+ab9tMJcBzgKEgyEtNeDEM5TN49NJibKjKcjZb2KlhU1VLgIAL+OBMM/Zk5
jHCw5HIMAQeZpsxmozT+WqwHtPA7rm+wW/kKUtpRitJIZ6CJaDmEJJXSvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOWopNtMoKxeDMtDa2DEWXrAXCQ6MB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvNWFpazIweWdyRjRNeTBOcllNUlplc0JjSkRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwueAAwQA
wueDAwQAwueUAwQAwufIMA0GCSqGSIb3DQEBCwUAA4IBAQDXo8ja5aXLJy4FWznB
/cyY9yuvZCH98AFQ3nK54nFZ/qbP/DIDsVhMuQrQxp3lgZSHjhBGCyK15nHUJ/Oy
4fGJerRK8xlzGhF1nJZCuk0WFwXq1M6cwTrWRqIL0SRVTWfuMmX2cbK6gro+7gR7
iwAbhuqtfA673o85nsFk+KDPXCFk9WYGQF17AKwLq1pxwJa4YyinbSaQ0fYrqBw9
039QIxoK44ZB/VnkvVjhG71Ej5DYdJNf9u720txGHyUMzfyIz98absilgpR92YV9
+GXu8j/+GobIWc2AQlTtWV9LkpaDkKvOUepa/w0OueGEh1llZbvmus0TgDTHwKEC
jq2x
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:26:06 2026 by rpki-client